Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'wscript32' = '%WINDIR%\wscript32.exe makedon'
- <SYSTEM32>\regsvr32.exe "%WINDIR%\wbhelper.ocx" /silent"
- %WINDIR%\wbhelper.ocx
- %WINDIR%\wscript32.exe
- 'localhost':1040
- ClassName: 'MS_WINHELP' WindowName: ''
- ClassName: 'Indicator' WindowName: ''